Access Manager

Redirection, which is required by many applications and services, inherently brings security risks to organizations. For instance, an “un-validated” redirect can allow an unsuspecting user visiting a trusted site to be redirected to a malicious site, therefore exploiting the users’ trust. Using a “whitelist” can help mitigate this vulnerability by…

ggilbe
By: ggilbe
Jul 14, 2015
10:43 am
Reads:
181
Score:
Unrated

The bring-your-own-device (BYOD) trend isn’t just for the enterprise. More and more emergency responders, such as Fire & Rescue NSW and police departments around the world are extending their computer-aided-dispatch (CAD) systems to include mobile devices. CAD allows emergency dispatch personnel to share knowledge of changing events with officers in the field. In the City…

+ read more

David Shephard
Jun 4, 2015
7:55 am
Reads:
951
Score:
Unrated

NetIQ Access Manager can support custom Geo location providers to in order to determine the risk score. Risk Based Authentication with NAM 4.1 will consume this custom provider implementation to read geolocation of user from where user is accessing the system.

By: cstumula
May 12, 2015
2:27 pm
Reads:
435
Score:
Unrated

Salesforce allows you to use any third party web application that implements the server side of the OpenID Connect protocol. This allows you to use authentication providers like NetIQ Access Manager.

By: cstumula
May 11, 2015
4:00 pm
Reads:
352
Score:
Unrated

You are writing a mobile or web application to access Amazon Web Services like Cognito Synchronized Storage, S3, Amazon DynoDB etc. Also, you need to handle Identities of your application and store the application state or access services unique per Identity in the Amazon Web Service. In this case, you want to delegate handling of Identities or don’t want to provide custom login code and delegate authentication mechanism to NetIQ Access Manager…

May 7, 2015
10:18 am
Reads:
655
Score:
Unrated

This article shows how to write a sample mobile application utilizing Oauth2.0 Implicit Grant to get an access token and ID token. Also, this shows how to get a user’s claim information using UserInfo endpoint of OpenId Connect Core 1.0 protocol. Dependencies This solution uses the following libraries…

May 6, 2015
10:54 am
Reads:
487
Score:
Unrated

Google Chrome book is gaining popularity especially among education institutes for various reasons. Some are, Google offers subscription at discounted cost for educational institutes. Google Admin Console Device management is simple and easy to control devices. Google provides number of services includes Mail, Google Drive, Calendar, Messenger, etc., as complete suite of services for an Organization. Redistribution of Chromebook is easy with powerwash, this deletes all data and reinstate the device as new.

By: cstumula
Apr 24, 2015
4:48 pm
Reads:
444
Score:
Unrated

In the previous article, I have explained the Botnets and free sites which offer a list of infected sites. Repeated here for readability “There are number of publicly available lists of known IP Addresses that are currently compromised. Various sites offer these lists for free. These hosts are running crimeware with Botnets. The…

Apr 21, 2015
12:01 pm
Reads:
865
Score:
Unrated

Introduction   There are some requirements for enterprises such as policy restriction of client location to access Office 365 services. For example STS token has to be sent only for activesync client. Or allow only internal client IPAddress. Solution   Office 365 sends information about application name, client IP, useragent, proxy information to STS as…

+ read more

By: cstumula
Apr 20, 2015
1:59 pm
Reads:
919
Score:
Unrated

Provide a know list of IP address from a simple text file. The file can be hand crafted. Or, can be downloaded from known set of vulnerable IP addresses. Configuring them in Administration Console is tedious. Use this tool to update a text file and see this is effected in “Risk Based Authentication” of NetIQ Access Manager

Apr 16, 2015
10:57 am
Reads:
1,030
Score:
Unrated